Another Fraud Scheme From Malta

Malta is in the spotlight of the world as it finds itself in another multimillion-dollar fraud scheme. A sophisticated network of 125 Android applications has eased the advertisers a couple of hundred million dollars. Advertisements targeted for the end and final users instead reached the well-programmed machine “bots” that are opening the advertisements and thus generating profits for the operators. BuzzFeed has initially discovered the abuse, who later sent the data to Google. Google quickly examined the situation and reacted.

Companies related to this sophisticated network are from Bulgaria, Cyprus, Croatia, Malta and the British Virgin Islands.

The way the criminal group functioned is rather more sophisticated than what we have been accustomed before. The network through the “We Purchase Apps” buyers purchased apps, paying for the actual value of the applications. In order everything to look legitimate, they transferred the company’s headquarters to one of the countries in which they are located… and guess where that country is?

BuzzFeed revealed that all apps and websites included in “fake” traffic are part of Maltese Fly Apps. Two Israelis, Omer Anatot and Michael Ariy Iron, and two Germans, Thomas Porcel and Felix Rainer own the company. Interestingly, Mr. Iron is co-owner in a Serbian company working on the development of Android applications and web services.

After this, for some time they followed the habits of the users who continued to use the applications. This data were used to create a boot network that greatly imitated regular users’ behavior. A fraud participant estimates that companies are damaged several hundred million dollars.

Fraud applications are already installed on over 115 million devices. The applications are completely different, from an application that turns the phone into a flashlight, to a selfie camera.

What is perhaps the most impressive in the whole deception is the commitment of the parties involved, the fraudsters actually made upgrades and maintained the applications. The purpose of this is to keep existing users and not to draw attention to themselves. One application, “Everything Me” has over 20 million users!

Google has already reported that applications that are part of the network were part of the already-well-known botnet, TechSnab, which the company follows. The way the network itself functions is by opening hidden windows in the browser. In these windows, then ads are opened and the earnings from them increase considerably. The worst-case scenario of AppsFlyer predicts that in just three months the damage is between 700 and 800 million dollars.

This fraud mainly is targeted towards mobile devices. Google has already removed all the applications that are part of this network from the AdMob network. However, the company found in its investigation that several networks were used to split the earnings from advertising. The disclosure of the entire operation continues, assures Google.

You can learn more about BuzzFeed about the fraud and the connection of a bunch of companies from the region.